Vulnerability Details CVE-2013-0587
Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Portal before 8.0.0.1 CF07 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Portal, (2) Portal 7.0.0.2, (3) Portal 8.0, or (4) PortalWeb2 theme.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM90118
- http://www-01.ibm.com/support/docview.wss?uid=swg21646618
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84345
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM90118
- http://www-01.ibm.com/support/docview.wss?uid=swg21646618
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84345
Products affected by CVE-2013-0587
-
cpe:2.3:a:ibm:websphere_portal:5.1.0.0
-
cpe:2.3:a:ibm:websphere_portal:5.1.0.1
-
cpe:2.3:a:ibm:websphere_portal:5.1.0.2
-
cpe:2.3:a:ibm:websphere_portal:5.1.0.3
-
cpe:2.3:a:ibm:websphere_portal:5.1.0.4
-
cpe:2.3:a:ibm:websphere_portal:5.1.0.5
-
cpe:2.3:a:ibm:websphere_portal:6.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:6.0.0.1
-
cpe:2.3:a:ibm:websphere_portal:6.0.0.2
-
cpe:2.3:a:ibm:websphere_portal:6.0.0.3
-
cpe:2.3:a:ibm:websphere_portal:6.0.0.4
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.0
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.1
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.2
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.3
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.4
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.5
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.6
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.7
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.0
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.1
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.2
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.3
-
cpe:2.3:a:ibm:websphere_portal:6.1.5.0
-
cpe:2.3:a:ibm:websphere_portal:7.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:7.0.0.1
-
cpe:2.3:a:ibm:websphere_portal:7.0.0.2
-
cpe:2.3:a:ibm:websphere_portal:8.0
-
cpe:2.3:a:ibm:websphere_portal:8.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:8.0.0.1